SECURITY ISSUE: GD (php image library)

cpanel's easyapache scripts still bundles GD 2.0.28 and as reported over the past few days and weeks there are several exploits for all versions of GD < 2.0.35 some incl. REMOTE ARBITRARY CODE EXECUTION.

Can cpanel PLEASE update the included GD library to at least 2.0.35 as it's currently sitting on 2.0.28

I'm running PHP 5.2.3 (Serious improvement over 5.2.0 - much faster) and I have GD 2.0.35 according to phpinfo. I believe a newer version of GD was bundled in/after 5.2.1. 5.2.3 and 5.2.4RC1 both feature GD updates/enhancements to the GD system.

This is crazy. We're the customers here and shouldn't have to be asking the developers to upgrade the software at our request due to security issues...

Obviously security isn't a great concern to cPanel as I have rarely seen priorities given to security updates previously. I mean, look how long it took for PHP 5.2.2 and 5.2.3 to hit the Apache Update page. Both versions hit the page at the same time which is pretty pointless in my opinion and, in addition, both hit the page weeks after release.

So, the question is how long will it take to get the GD Library updated? Anyone like to have a guess?